(and other fun stuff)

James Reynolds University of Utah Student Computing Labs Support [email protected] What is launchd

Jordan Hubbard’s solution /sbin/launchd One ring.., er, to launch them all... Replacement for /sbin/ There is no init in 10.4 launchd has PID 1 and is the parent of every process Most /etc/rc’s (/etc/rc still exists for now) SystemStarter (still exists for now) mach_init.d (still exists for now) What can you do with launchd

Launch Daemons (run as root) ssh, ftp, , etc... Launch Agents (run as user) Kinda like “Login Items” (“User Startup Items” in 10.3) Great example is ssh-agent Tune the kernel & environment Set limits Globally redirect stdout & stderr Much much more... Why launchd?

Other solutions init required editing rc files If launch order was wrong, problems... Not the easiest thing for a newbie to configure SystemStartup was nice in theory, but... Developers guessed too often Too much requirements Too few requirements mach_init.d (bootstrap daemons) Like a horse that never got past the gate Apple used it, but few others Why launchd?

launchd “Easier to manage” One location to turn stuff on and off (not really, but...) Up to now, daemons handled daemonization internally Settings were thus internal to the service Launchd can set: UID, GID, PWD, , stdio, resource limits, priority Improves performance Watchdog Provides “on-demand” launches Requirements tied to sockets and file descriptors Dependencies

SystemStarter had it... StartupParameters.plist & “Requires” & “Provides” Launchd has it, but very different Use IPC (inter-process communication) Either request a socket from the required service Or request a file descriptor If the service isn’t running, launchd will launch it Launchd gives your request to the service once it starts Or you can watch files or paths for changes What is “on demand”?

Process only loads when it is needed Process startups only when requested Process shuts down when request is finished Frees up memory & resources Example: sshd It is only needed when port 22 is contacted So sshd only runs when something port 22 Example: crond It is only needed when there is a crontab So crond only runs when there is a crontab Example: ssh-agent Only needed when opening an ssh connection Startup in 10.4

BootROM activate /System/Library/CoreServices/BootX Kernel loaded “” image drawn Required kexts loaded launchd /etc/rc /System/Library/LaunchDaemons /Library/LaunchDaemons loginwindow Launchd startup

Sockets and file descriptors are registered Services should not “fork” and “daemonize” Launchd will do this for the service This is so that launchd can monitor shutdowns & more “Always on” services are started If a socket, file descriptor, or file/path is accessed The service that registered is launched If service notices no requests, it can shut down Launchd will be aware of the crond is launched this way “The Placebo Mini-Pattern”

/usr/libexec/WaitingForLoginWindow Run it anytime! Reads /var/db/loginwindow.boottime Image is PART OF BINARY Search MacOSXHints for WaitingForLoginWindow for script to replace pdf Running stuff before loginwindow

In 10.3 and earlier Modify loginwindow’s StartupParameters.plist In 10.4 Create /etc/rc.local If exists, this is executed by /etc/rc GUI *should* work Still testing, I’m getting strange behavior Login/logout hooks

Same as before, except Do not edit /etc/ttys (unless you are using 10.2) In 10.3, you edited /Library/Preferences/com.apple.loginwindow.plist In 10.4, you edit /var/root/Library/Preferences/com.apple.loginwindow.plist BPSystemStarter says these are deprecated (pg 27) File a bug please!!!! Tech Note 301446 says how to do it sudo defaults write com.apple.loginwindow LoginHook /path/to/script Shutdown Items

SystemStarter scripts had a “Shutdown” function It never worked Until 10.4... (I’ve read, not actually tested) But that is part of SystemStarter, which is going away... Launchd will call a service’s SIGTERM This is how to correctly shutdown In other words, it is up to the service Making LaunchDaemons/Agents

Assuming you have a service that behaves right Edit plist files Required: Label and Program Arguments Should have OnDemand on Many many optional parameters, see: /System/Library/LaunchDaemons for examples “man launchd.plist” BPSystemStartup.pdf (from developer.apple.com) Launchd Editor http://www.codepoetry.net/products/launchdeditor So much easier, but can’t do everything DEMO Configuring launchd w/ launchctl

Modify the run environment Run as sudo to change global environment This was an impossible task in 10.3 Limits “launchctl limit maxfiles 512” “limit descriptors 512” “ulimit -n 512” Logging launchctl log only error critical alert emergency This affects launchd (not sure about inheritance) Configuring launchd w/ launchctl

Modify the run environment (cont) STDOUT, STDERR lsof -Pp1 launchctl stdout /var/log/launchd.out Launchd saves it’s stdout there Environment Variables launchctl setenv bla bla2 Umask launchd umask 077 More, see “launchctl help” or “man launchctl” Configuring launchd w/ launchctl

Save launchctl commands /etc/launchd.conf (system settings) $HOME/.launchd.conf (user settings) Remove “launchctl” from command Example: umask 077 stdout /var/log/launchd.out stderr /var/log/launchd.err See “man launchd.conf” I was going to show ssh-agent...

Anyway has tried to use it on OS X knows it is a pain The ssh-agent binary needs a patch Couldn’t get OpenSSL 3.8.1p1 from Apple to compile There are “instructions” at www.opendarwin.org/~landonf/misc/launchd-sshagent It assumes you can compile OpenSSL It assumes you are using OpenSSL 4.0p1 10.4.1 comes with OpenSSL 3.8.1p1 I have a 3.8.1 patch file, if you can get OpenSSL to compile... Resources

“man” is your friend man launchd man launchd.plist man launchctl man launchd.conf BPSystemStartup.pdf from developer.apple.com SampleD from developer.apple.com (source code) Questions